Message-Id: <82d33a2d-dffe-4268-a175-4536b3f9c07f@app.fastmail.com>
Date: Thu, 09 Jan 2025 09:56:28 +0100
From: "Arnd Bergmann" <arnd@...db.de>
To: "John Paul Adrian Glaubitz" <glaubitz@...sik.fu-berlin.de>,
 "Richard Henderson" <richard.henderson@...aro.org>,
 "Matt Turner" <mattst88@...il.com>,
 "Eric W. Biederman" <ebiederm@...ssion.com>, "Kees Cook" <kees@...nel.org>,
 "Paul E. McKenney" <paulmck@...nel.org>, linux-alpha@...r.kernel.org,
 linux-mm@...ck.org, linux-kernel@...r.kernel.org
Cc: "Michael Cree" <mcree@...on.net.nz>, "Sam James" <sam@...too.org>,
 "Maciej W. Rozycki" <macro@...am.me.uk>,
 "Geert Uytterhoeven" <geert@...ux-m68k.org>,
 "Michael Karcher" <kernel@...rcher.dialup.fu-berlin.de>,
 "Chris Hofstaedtler" <zeha@...ian.org>, util-linux@...r.kernel.org,
 linux-mips@...r.kernel.org, loongarch@...ts.linux.dev
Subject: Re: [PATCH] alpha: Fix personality flag propagation across an exec

On Thu, Jan 9, 2025, at 09:46, John Paul Adrian Glaubitz wrote:
> On Thu, 2025-01-09 at 09:43 +0100, Arnd Bergmann wrote:
>> On Thu, Jan 9, 2025, at 09:01, Arnd Bergmann wrote:
>> > On Fri, Jan 3, 2025, at 15:01, John Paul Adrian Glaubitz wrote:
>> > 
>> > > 
>> > >  #define SET_PERSONALITY(EX)					\
>> > > -	set_personality(((EX).e_flags & EF_ALPHA_32BIT)		\
>> > > -	   ? PER_LINUX_32BIT : PER_LINUX)
>> > > +	set_personality((((EX).e_flags & EF_ALPHA_32BIT)	\
>> > > +	   ? PER_LINUX_32BIT : PER_LINUX) | (current->personality & (~PER_MASK)))
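Review bot: The added `| (current->personality & (~PER_MASK))` on the last `+` line preserves ADDR_LIMIT_32BIT along with every other bit outside PER_MASK, so when `(EX).e_flags` lacks EF_ALPHA_32BIT the PER_LINUX branch can no longer clear a limit bit inherited from the calling process. Preserve `current->personality & ~(PER_MASK | ADDR_LIMIT_32BIT)` instead, and let the EF_ALPHA_32BIT test alone decide whether ADDR_LIMIT_32BIT is set. That line also runs well past 80 columns and would read better split across two.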
>> > 
>> > This looks wrong to me: since ADDR_LIMIT_32BIT is not part of
>> > PER_MASK, executing a regular binary from a taso binary no longer
>> > reverts back to the entire 64-bit address space.
>> > 
>> > It seems that the behavior on most other architectures changed in 2012
>> > commit 16f3e95b3209 ("cross-arch: don't corrupt personality flags upon
>> > exec()").
>> > 
>
> So, if I understand this correctly, we should just use PER_MASK on alpha
> for 64-bit executables and allow the bits to be cleared for 32-bit binaries?

I think ideally the EF_ALPHA_32BIT handling should use TIF_32BIT
as we do on other architectures; at that point the custom SET_PERSONALITY()
can be removed in favor of the asm-generic version.

Alternatively this could do something like the arm32 version (note
that on arm, PER_LINUX_32BIT/ADDR_LIMIT_32BIT means "allow using
the entire 32-bit address space rather than limiting to 26 bits for
compatibility", while on alpha it means "use only 31 instead of
42 bits for addressing", but the logic can be the same):

        unsigned int personality = current->personality & ~PER_MASK;
        /*
         * APCS-26 is only valid for OABI executables
         */
        if ((eflags & EF_ARM_EABI_MASK) == EF_ARM_EABI_UNKNOWN &&
            (eflags & EF_ARM_APCS_26))
                personality &= ~ADDR_LIMIT_32BIT;
        else
                personality |= ADDR_LIMIT_32BIT;
        set_personality(personality);

In any case, I think we should fix alpha, mips and loongarch at
the same time, to make sure it doesn't take another decade to
fix the rest.

    Arnd
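
A user-space model of the three behaviours discussed in this message, added here as an illustration and not code from the thread or the kernel: the pre-patch macro, the macro from the quoted hunk, and the arm32-style logic adapted to alpha. The constants are the values from the kernel's personality.h and alpha's elf.h; the function names and the adaptation in `per_armstyle()` are hypothetical.

```c
#include <stdio.h>

/* Values from include/uapi/linux/personality.h and alpha's asm/elf.h. */
#define PER_MASK           0x00ffu
#define ADDR_NO_RANDOMIZE  0x0040000u
#define ADDR_LIMIT_32BIT   0x0800000u
#define PER_LINUX          0x0000u
#define PER_LINUX_32BIT    (0x0008u | ADDR_LIMIT_32BIT)
#define EF_ALPHA_32BIT     1u

/* Pre-patch macro: every flag outside the persona is dropped at exec. */
static unsigned int per_old(unsigned int cur, unsigned int e_flags)
{
	(void)cur;
	return (e_flags & EF_ALPHA_32BIT) ? PER_LINUX_32BIT : PER_LINUX;
}

/* Macro from the quoted hunk: ORs in everything outside PER_MASK. */
static unsigned int per_patched(unsigned int cur, unsigned int e_flags)
{
	return ((e_flags & EF_ALPHA_32BIT) ? PER_LINUX_32BIT : PER_LINUX)
	       | (cur & ~PER_MASK);
}

/* arm32-style logic adapted to alpha (hypothetical, not kernel code):
 * keep the flag bits, then set or clear ADDR_LIMIT_32BIT from e_flags. */
static unsigned int per_armstyle(unsigned int cur, unsigned int e_flags)
{
	unsigned int p = cur & ~PER_MASK;

	if (e_flags & EF_ALPHA_32BIT)
		p |= ADDR_LIMIT_32BIT;
	else
		p &= ~ADDR_LIMIT_32BIT;
	return p;
}

int main(void)
{
	/* Constructed case: a taso process with ADDR_NO_RANDOMIZE set
	 * executes a regular 64-bit binary (e_flags == 0). */
	unsigned int cur = PER_LINUX_32BIT | ADDR_NO_RANDOMIZE;

	printf("old      %#x\n", per_old(cur, 0));
	printf("patched  %#x\n", per_patched(cur, 0));
	printf("armstyle %#x\n", per_armstyle(cur, 0));
	return 0;
}
```

Only the third variant both keeps ADDR_NO_RANDOMIZE and returns the 64-bit binary to the full address space.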
